Before you use Message Queue for Apache RocketMQ, you must activate it on the Alibaba Cloud official website. If your account is a Resource Access Management (RAM) user, you must grant permissions to the RAM user before you can use the console or API to access the corresponding Message Queue for Apache RocketMQ resources and use the resources to send and subscribe to messages by using SDKs.

Prerequisites

An Alibaba Cloud account is created and real-name verification is complete. For more information, see Sign up with Alibaba Cloud.

Step 1: Activate Message Queue for Apache RocketMQ

  1. Open the Message Queue for Apache RocketMQ product details page.
  2. Click Log In in the upper-right corner of the page.
  3. On the Sign In page, enter your Alibaba Cloud account and password, and click Sign In.
  4. On the product details page, click Console.
    You are redirected to the Message Queue for Apache RocketMQ console.
  5. On the Overview page, click Activate Now for Free.
    Activate Now for Free
  6. On the service activation page, read the content of the order and the service agreement, select Message Queue (MQ) Terms of Service, and then click Activate Now.

Step 2: (Required) Grant permissions to a RAM user

  1. Log on to the RAM console.
  2. In the left-side navigation pane, choose Identities > Users.
  3. On the Users page, find the RAM user to which you want to grant permissions and click Add Permissions in the Actions column.
  4. In the Add Permissions panel, click the policy that you want to grant to the RAM user. Then, click OK.
Message Queue for Apache RocketMQ provides the following system policies. You can grant related permissions to the RAM user based on the permission scope.
Policy Description
AliyunMQFullAccess The permission to manage Message Queue for Apache RocketMQ. This permission is equivalent to the permission that the Alibaba Cloud account has. A RAM user to which this permission is granted can send and subscribe to all messages and use all the features of the console.
AliyunMQPubOnlyAccess The publishing permission of Message Queue for Apache RocketMQ. A RAM user to which this permission is granted can use all the resources of the Alibaba Cloud account to send messages by using SDKs.
AliyunMQSubOnlyAccess The subscription permission of Message Queue for Apache RocketMQ. A RAM user to which this permission is granted can use all the resources of the Alibaba Cloud account to subscribe to messages by using SDKs.
AliyunMQReadOnlyAccess The read-only permission on Message Queue for Apache RocketMQ. A RAM user to which this permission is granted can only read resource information by using the console or by calling API operations.
Note System permissions cover a large permission scope. For example, after a RAM user is granted AliyunMQFullAccess that represents full permissions, the RAM user can manage all resources of Message Queue for Apache RocketMQ. Message Queue for Apache RocketMQ provides more custom policies for fine-grained authorization on a specific type of resource. For example, you can grant RAM users only permissions to manage topics in the console. For more information about custom policies, see Policies and examples.
  1. In the Add Permissions panel, click Complete.

What to do next

You can click Console to create resources. For more information, see Create resources.